HIPAA Security Awareness - PowerPoint PPT Presentation

HIPAA Security Awareness. What You Need To Know. Training Overview. This course will discuss the following subject areas: How this training relates to you Overview of the HIPAA (Health Insurance Portability and Accountability Act) Security rule and terms you should know

Copyright Complaint Adult Content Flag as Inappropriate

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.

Download Presentation

PowerPoint Slideshow about 'HIPAA Security Awareness' - jaden

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

Because you are an employee who has access to computer equipment or software containing protected health information related to the Wright State University health plans, the HIPAA Security rule requires that you participate in the HIPAA Security awareness training to learn about the basic procedures you must follow to protect that information. Following our electronic security procedures is important because the procedures help to protect the information’s:

Confidentiality (only the right people see it)

Integrity (the information is what it is supposed to be – there has been no unauthorized alteration or destruction.

PHI that was not in electronic form before transmission, such as information shared by: person-to-person telephone calls, copy machines, paper-to-paper fax machines, voicemail, or de-identified information

Three critical security risks must be eliminated or minimized by all Wright State University staff to ensure the confidentiality, availability, and integrity of e-PHI:1. Malicious computer software, such as viruses2. Unauthorized use of system user IDs3. Weak or unprotected system and file passwords

How often should the computer virus software on my workstation or laptop be updated?A. Never; once installed, it never needs to be updatedB. As soon as the updates are availableC. Only after a security incident related to malicious software has occurred

The correct answer is B!Computer virus protection software should be kept as up-to-date as possible in order to ensure that the appropriate safeguards are in place to protect against the new and ever changing malicious software threats that are present.

Security incidents related to malicious software should be reported to the Wright State University CaTS’ Help Desk

In addition, Wright State University employees and contractors who are aware of any misuse of company equipment, software or data within the agency must promptly notify the WSU Information Security Officer

In order to minimize the harm done by a malicious software attack it is critical that the Wright State University Help Desk is notified as soon as possible so that the appropriate corrective actions can be taken immediately.

The correct answer is FalseYou should not leave information at your workstation, laptop or desk that could divulge your system user ID and password because it provides easy access to unauthorized persons. If you must keep a record of this information, store it in a secure location away from your desk and/or workstation. Never keep a record of your system user ID or password in luggage or laptop bags.

Which of the following is a characteristic of a strong password?A. Contains the employee’s date of birthB. An easy to remember word out of the dictionaryC. A sequential string of either letters or numbersD. Random letters, numbers, and punctuation marks

The correct answer is D!Robust passwords consist of a combination of letters, common numbers and special characters. Passwords comprised of repeating numbers, personal information (i.e., birth date), or common words may be easily guessed.

TheHIPAA Security rule requires that Wright State University implement reasonable and appropriate policies and procedures to comply with the HIPAA Security standards, implementation specifications, or other requirements

Wright State University may change its security policies and procedures at any time, if changes are documented and implemented in accordance with the HIPAA Security rule

If you receive a security reminder or security alert in your e-mail in box you should?

A. Delete it without reading its contentsB. Immediately open the e-mail, read it, and follow all of the instructionsC. If you are busy, open and read it laterD. Follow the instructions but only if you think that they apply to you

The correct answer is B!The purpose of security reminders and alerts is to assist in preventing malicious software attacks. By paying immediate attention to the instructions contained in the security reminders and alerts the potential of a successful malicious software attack is greatly reduced.

These security safeguards are essential to protect the confidentiality, integrity and availability of Wright State University systems and data, and must be followed by all workforce staff at all times:

Wright State University is committed to protecting the e-PHI in our control and that we maintain on behalf of our health plans. We will enforce disciplinary sanctions on those employees who violate the company-wide HIPAA Security policy and underlying procedures. Based on the facts and circumstances of a particular violation, sanctions may range from oral warnings to termination of employment.